Search results for "malware"

showing 10 items of 32 documents

HyperIO: A Hypervisor-Based Framework for Secure IO

2023

Malware often attempts to steal input and output through human interface devices to obtain confidential information. We propose to use a thin hypervisor, called “HyperIO”, to realize a secure path between input and output devices using a partial implementation of device drivers. We apply our approach using two security systems built on HyperIO: FireSafe and ClipCrypt. FireSafe is a web browser extension which allows a remote web server to display and receive sensitive user information securely. ClipCrypt enables the user to securely enter and view their confidential information in commodity Windows applications.

Fluid Flow and Transfer Processes; virtualization; Process Chemistry and Technology; trusted path; General Engineering; system security; browser security; malware protection; Computer Science Applications; malware; system administration; data protection; General Materials Science; information security; data networks; Instrumentation; information systems; Applied Sciences

Review of detection, assessment and mitigation of security risk in smart grid

2017

The integration of Information and Communication Technology (ICT) into the existing power grid has created new problems to the grid. The grid network has become more vulnerable to security threats and risk which is a corollary to the modern data network. Smart Grid has strict latency requirement for data communication and the violation of this latency is very costly. This paper assesses the threats and vulnerabilities associated with the Smart Grid network and reviews the methods to mitigate these security risks.

Grid network; Computer science; business.industry; Access control; Computer security; computer.software_genre; Grid; Smart grid; Information and Communications Technology; Malware; Risk assessment; business; computer; Risk management; 2017 2nd International Conference on Power and Renewable Energy (ICPRE)

Hypervisor memory acquisition for ARM

2021

Cyber forensics use memory acquisition in advanced forensics and malware analysis. We propose a hypervisor-based memory acquisition tool. Our implementation extends the volatility memory forensics framework by reducing the processor's consumption, solves the incoherency problem in the memory snapshots and mitigates the pressure of the acquisition on the network and the disk. We provide benchmarks and evaluation.

Hardware_MEMORYSTRUCTURES; Computer science; Hypervisor; computer.software_genre; Memory forensics; Computer Science Applications; Pathology and Forensic Medicine; Medical Laboratory Technology; Data_FILES; Operating system; Memory acquisition; Volatility (finance); Malware analysis; Law; computer; Information Systems; Forensic Science International: Digital Investigation

Data for: Detection of Algorithmically Generated Malicious Domain Names using Masked N-Grams

2019

It contains the dataset used for the experimentation. Specifically, there are two text files, each containing 32000 different domain names. One file is clean domain names, the other file contains DGA domains. THIS DATASET IS ARCHIVED AT DANS/EASY, BUT NOT ACCESSIBLE HERE. TO VIEW A LIST OF FILES AND ACCESS THE FILES IN THIS DATASET CLICK ON THE DOI-LINK ABOVE

Network Security; Data_FILES; Interdisciplinary sciences; Other; Malware Mitigation

Domain Generation Algorithm Detection Using Machine Learning Methods

2018

A botnet is a network of private computers infected with malicious software and controlled as a group without the knowledge of the owners. Botnets are used by cybercriminals for various malicious activities, such as stealing sensitive data, sending spam, launching Distributed Denial of Service (DDoS) attacks, etc. A Command and Control (C&C) server sends commands to the compromised hosts to execute those malicious activities. In order to avoid detection, recent botnets such as Conficker, Zeus, and Cryptolocker apply a technique called Domain-Fluxing or Domain Name Generation Algorithms (DGA), in which the infected bot periodically generates and tries to resolve a large number of pseudorando…

Pseudorandom number generator; Domain generation algorithm; Alphanumeric; Computer science; business.industry; Domain Name System; ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS; Botnet; Denial-of-service attack; Machine learning; computer.software_genre; ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS; CryptoLocker; Malware; Artificial intelligence; business; computer

First global next-to-leading order determination of diffractive parton distribution functions and their uncertainties within the xFitter framew…

2018

We present GKG18-DPDFs, a next-to-leading order (NLO) QCD analysis of diffractive parton distribution functions (diffractive PDFs) and their uncertainties. This is the first global set of diffractive PDFs determined within the xFitter framework. This analysis is motivated by all available and most up-to-date data on inclusive diffractive deep inelastic scattering (diffractive DIS). Heavy quark contributions are considered within the framework of the Thorne-Roberts (TR) general mass variable flavor number scheme (GM-VFNS). We form a mutually consistent set of diffractive PDFs due to the inclusion of high-precision data from H1/ZEUS combined inclusive diffractive cross sections me…

Quark; Particle physics; Physics and Astronomy (miscellaneous); parton distribution functions; HERA; PREDICTIONS; FOS: Physical sciences; lcsh:Astrophysics; Parton; PROTON; 114 Physical sciences; 01 natural sciences; Zeus (malware); CROSS-SECTIONS; High Energy Physics - Experiment; DEEP-INELASTIC SCATTERING; High Energy Physics - Experiment (hep-ex); High Energy Physics - Phenomenology (hep-ph); deep inelastic scattering; lcsh:QB460-466; 0103 physical sciences; quantum chromodynamics; lcsh:Nuclear and particle physics. Atomic energy. Radioactivity; QCD ANALYSIS; 010306 general physics; Engineering (miscellaneous); Physics; Large Hadron Collider; 010308 nuclear & particles physics; High Energy Physics - Phenomenology; Distribution function; TESTS; PHOTOPRODUCTION; lcsh:QC770-798; LHC

ISAdetect

2020

Static and dynamic binary analysis techniques are actively used to reverse engineer software's behavior and to detect its vulnerabilities, even when only the binary code is available for analysis. To avoid analysis errors due to misreading op-codes for a wrong CPU architecture, these analysis tools must precisely identify the Instruction Set Architecture (ISA) of the object code under analysis. The variety of CPU architectures that modern security and reverse engineering tools must support is ever increasing due to massive proliferation of IoT devices and the diversity of firmware and malware targeting those devices. Recent studies concluded that falsely identifying the binary code's ISA ca…

Reverse engineering; processors; Computer science; Firmware; 02 engineering and technology; computer.file_format; computer.software_genre; malware; Instruction set; Object code; Computer engineering; 020204 information systems; Endianness; 0202 electrical engineering electronic engineering information engineering; Internet of Things; 020201 artificial intelligence & image processing; Binary code; Executable; information security; computer; Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy

Twitter Analysis for Real-Time Malware Discovery

2017

In recent years, the increasing number of cyber-attacks has spurred the development of innovative tools to quickly detect new threats. A recent approach to this problem is to analyze the content of Social Networks to discover the rise of new malicious software. Twitter is a popular social network which allows millions of users to share their opinions on what happens all over the world. The subscribers can insert messages, called tweets, that are usually related to international news. In this work, we present a system for real-time malware alerting using a set of tweets captured through the Twitter APIs, and analyzed by means of a naïve Bayes classifier. Then, groups of tweets discussing th…

Settore ING-INF/05 - Sistemi Di Elaborazione Delle Informazioni; 021110 strategic defence & security studies; Social network; Social Sensing; Computer science; business.industry; 0211 other engineering and technologies; 02 engineering and technology; computer.software_genre; Malware Alerts; Twitter Analysis; World Wide Web; Bayes' theorem; 0202 electrical engineering electronic engineering information engineering; Malware; 020201 artificial intelligence & image processing; business; computer; Classifier (UML)

A hybrid system for malware detection on big data

2018

In recent years, the increasing diffusion of malicious software has encouraged the adoption of advanced machine learning algorithms to detect new threats in a timely manner. A cloud-based approach makes it possible to exploit the big data produced by client agents to train such algorithms, but on the other hand, poses severe challenges to their scalability and performance. We propose a hybrid cloud-based malware detection system in which static and dynamic analyses are combined in order to find a good trade-off between response time and detection accuracy. Our system performs a continuous learning process of its models, based on deep networks, by exploiting the growing amount of data provided by clients. The prel…

Settore ING-INF/05 - Sistemi Di Elaborazione Delle Informazioni; Control and Optimization; Exploit; Computer Networks and Communications; business.industry; Computer science; Distributed computing; Big data; Feature extraction; 020206 networking & telecommunications; Cloud computing; 02 engineering and technology; Static analysis; computer.software_genre; Artificial Intelligence; Hybrid system; Scalability; 0202 electrical engineering electronic engineering information engineering; Malware; 020201 artificial intelligence & image processing; business; computer; IEEE INFOCOM 2018 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)

Assisted labeling for spam account detection on twitter

2019

Online Social Networks (OSNs) have become increasingly popular both because of their ease of use and their availability through almost any smart device. Unfortunately, these characteristics also make OSNs a target for users interested in performing malicious activities, such as spreading malware and performing phishing attacks. In this paper we address the problem of spam detection on Twitter, providing a novel method to support the creation of large-scale annotated datasets. More specifically, URL inspection and tweet clustering are performed in order to detect some common behaviors of spammers and legitimate users. Finally, the manual annotation effort is further reduced by grouping similar u…

Social network; 021110 strategic defence & security studies; Information retrieval; business.industry; Computer science; Spam detection; Smart device; 0211 other engineering and technologies; 020206 networking & telecommunications; Usability; 02 engineering and technology; computer.software_genre; Phishing; law.invention; Manual annotation; law; Computer security; 0202 electrical engineering electronic engineering information engineering; Blacklisting; Malware; business; Cluster analysis; computer